Hi Brant, Thanks for describing the environment and including the version information.
NiFi 2.0.0-M3 introduced support for the Client Credentials Grant Type in conjunction with OpenID Connect authentication, but did not include changes to the NiFi CLI. Support for Client Credentials could be added to the NiFi CLI now that the REST API supports it, and that would involve a new feature request. As far as a solution that could be implemented with existing versions, one common pattern is to provision a client certificate that is specific to the NiFi CLI, and use that for automated REST API requests. When configured with OpenID Connect, NiFi still supports mutual TLS with client certificates, so that is another way forward. Regards, David Handermann On Wed, Jun 12, 2024 at 3:54 PM Brant Gardner <bcgard...@solventum.com> wrote: > We have NiFi 2.0.0-M2 installed in a secure environment (OIDC) and we’re > trying to utilize the CLI (running on the same machine, so against > localhost). We’re finding it nearly impossible to make any calls against > the server due to 403 Forbidden errors. It **does** seem to work with > registry commands, just not nifi commands. > > > > Is there any documentation for how to contact the server with the CLI in > this type of configuration? > > > > *Brant Gardner* > > Software Developer – BI & Analytics > > Time: GMT -6:00 > > bcgard...@solventum.com > [image: A black background with green text Description automatically > generated] > > >
